POWER School of Technology Inc.

Subject Code/Description: AE18 / IT APPLICATION TOOLS IN BUSINESS


Year/Course: 3rd / BS AIS
Teacher: MR. BRIAN F. JOSON
Contact Details: 09491926091; bfjoson.PST@gmail.com

Course Packet # : 4
Module Name : Cyber Attacks and Malwares
Period Covered : Oct. 5-12, 2023

A cyber-attack is any attempt to gain unauthorized access to a computer, computing system or
computer network with the intent to cause damage. Cyber-attacks aim to disable, disrupt, destroy or
control computer systems or to alter, block, delete, manipulate or steal the data held within these
systems.

A cyber-attack can be launched from anywhere by any individual or group using one or more various
attack strategies.

People who carry out cyber-attacks are generally regarded as cybercriminals. Often referred to as bad
actors, threat actors and hackers, they include individuals who act alone, drawing on their computer
skills to design and execute malicious attacks. They can also belong to a criminal syndicate, working
with other threat actors to find weaknesses or problems in the computer systems -- called
vulnerabilities -- that can be exploited for criminal gain.

Government-sponsored groups of computer experts also launch cyber-attacks. They're identified as
nation-state attackers, and they have been accused of attacking the information technology (IT)
infrastructure of other governments, as well as nongovernment entities, such as businesses,
nonprofits, and utilities.

Cyber-attacks are designed to cause damage. They can have various objectives, including the
following:

Financial gain. Most cyber-attacks today, especially those against commercial entities, are launched
by cybercriminals for financial gain. These attacks often aim to steal sensitive data, such as customer
credit card numbers or employee personal information, which the cybercriminals then use to access
money or goods using the victims' identities.

Other financially motivated attacks are designed to disable the computer systems themselves, with
cybercriminals locking computers so that their owners and authorized users cannot access the
applications or data they need; attackers then demand that the targeted organizations pay them
ransoms to unlock the computer systems.

Still other attacks aim to gain valuable corporate data, such as proprietary information; these types of
cyber attacks are a modern, computerized form of corporate espionage.

Disruption and revenge. Bad actors also launch attacks specifically to sow chaos, confusion,
discontent, frustration or mistrust. They could be taking such action as a way to get revenge for acts
taken against them. They could be aiming to publicly embarrass the attacked entities or to damage
the organizations' reputation. These attacks are often directed at government entities but can also hit
commercial entities or nonprofit organizations.

Nation-state attackers are behind some of these types of attacks. Others, called hacktivists, might
launch these types of attacks as a form of protest against the targeted entity; a secretive decentralized
group of internationalist activists known as Anonymous is the most well known of such groups.

Insider threats are attacks that come from employees with malicious intent.

Cyberwarfare. Governments around the world are also involved in cyber attacks, with many national
governments acknowledging, or being suspected of, designing and executing attacks against other
countries as part of ongoing political, economic and social disputes. These types of attacks are
classified as cyberwarfare.

Threat actors use various techniques to launch cyber attacks, depending in large part on whether
they're attacking a targeted or an untargeted entity.

In an untargeted attack, where the bad actors are trying to break into as many devices or systems as
possible, they generally look for vulnerabilities that will enable them to gain access without being
detected or blocked. They might use, for example, a phishing attack, emailing large numbers of
people with socially engineered messages crafted to entice recipients to click a link that will
download malicious code.

In a targeted attack, the threat actors are going after a specific organization, and methods used vary
depending on the attack's objectives. The hacktivist group Anonymous, for example, was suspected
in a 2020 distributed denial-of-service (DDoS) attack on the Minneapolis Police Department website
after a Black man died while being arrested by Minneapolis officers. Hackers also use spear-phishing
campaigns in a targeted attack, crafting emails to specific individuals who, if they click included
links, would download malicious software designed to subvert the organization's technology or the
sensitive data it holds.

Cyber criminals often create the software tools to use in their attacks, and they frequently share those
on the so-called dark web.

Cyber attacks often happen in stages, starting with hackers surveying or scanning for vulnerabilities
or access points, initiating the initial compromise and then executing the full attack -- whether it's
stealing valuable data, disabling the computer systems or both.

Cyber attacks most commonly involve the following:

1. Malware, in which malicious software is used to attack information systems. Ransomware,
spyware and Trojans are examples of malware. Depending on the type of malicious code,
malware could be used by hackers to steal or secretly copy sensitive data, block access to
files, disrupt system operations or make systems inoperable.
2. Phishing, in which hackers socially engineer email messages to entice recipients to open
them. The recipients are tricked into downloading the malware contained within the email by
opening either an attached file or an embedded link.
3. Man-in-the-middle, or MitM, where attackers secretly insert themselves between two parties,
such as individual computer users and their financial institution. Depending on the details of
the actual attack, this type of attack may be more specifically classified as a
man-in-the-browser attack, monster-in-the-middle attack or machine-in-the-middle attack. It is also
sometimes called an eavesdropping attack.
4. DDoS, in which hackers bombard an organization's servers with large volumes of
simultaneous data requests, thereby making the servers unable to handle any legitimate
requests.
5. SQL injection, where hackers insert malicious Structured Query Language (SQL) code into
the queries a server runs, to get the server to reveal sensitive data.
6. Zero-day exploit, which happens when a newly identified vulnerability in IT infrastructure is
first exploited by hackers.
7. Domain name system (DNS) tunneling, a sophisticated attack in which attackers establish and
then use persistently available access -- or a tunnel -- into their targets' systems.
8. Drive-by, or drive-by download, occurs when an individual visits a website that, in turn,
infects the unsuspecting individual's computer with malware.
9. Credential-based attacks happen when hackers steal the credentials that IT workers use to
access and manage systems and then use that information to illegally access computers to
steal sensitive data or otherwise disrupt an organization and its operations.
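
To make item 5 (SQL injection) concrete, here is an added example that is not part of the original course packet. It puts a lookup that pastes user input into the SQL text beside the corrected, parameterized form. The table, column names and sample rows are constructed for illustration.

```python
import sqlite3

# Constructed sample data: three made-up customer rows in an in-memory database.
SAMPLE_ROWS = [("alice", "1111"), ("bob", "2222"), ("carol", "3333")]


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (username TEXT, card_last4 TEXT)")
    conn.executemany("INSERT INTO customers VALUES (?, ?)", SAMPLE_ROWS)
    return conn


def lookup_vulnerable(conn, username):
    # Weak pattern: the input is pasted into the SQL text, so a quote
    # character in the input changes the structure of the query.
    query = (
        "SELECT username, card_last4 FROM customers "
        "WHERE username = '" + username + "'"
    )
    return conn.execute(query).fetchall()


def lookup_safe(conn, username):
    # Corrected pattern: the ? placeholder passes the input as a value only,
    # so it is compared with the column and never parsed as SQL.
    query = "SELECT username, card_last4 FROM customers WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()


def compare(inputs):
    """Return {input: (vulnerable_result, safe_result)} as row counts.

    A vulnerable_result of "error" means the pasted-together query was not
    even valid SQL, which is how the weakness often first shows up in logs.
    """
    conn = make_db()
    results = {}
    for value in inputs:
        try:
            weak = len(lookup_vulnerable(conn, value))
        except sqlite3.OperationalError:
            weak = "error"
        results[value] = (weak, len(lookup_safe(conn, value)))
    conn.close()
    return results


if __name__ == "__main__":
    tests = ["alice", "o'brien", "x' OR '1'='1"]
    for value, (weak, safe) in compare(tests).items():
        print(f"{value!r:20} vulnerable={weak!s:6} safe={safe}")
```

The same username returns one row from both versions, a name containing an apostrophe breaks only the pasted-together query, and the crafted input makes the weak version return every row while the parameterized version returns none.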

There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous
cybersecurity best practices that organizations can follow to reduce the risk.
Reducing the risk of a cyber attack relies on using a combination of skilled security professionals,
processes and technology.

Reducing risk also involves three broad categories of defensive action:

1. Preventing attempted attacks from actually entering the organization's IT systems;
2. Detecting intrusions; and
3. Disrupting attacks already in motion -- ideally, at the earliest possible time.

Best practices include the following:

• Implementing perimeter defenses, such as firewalls, to help block attack attempts and to
block access to known malicious domains;
• Using software to protect against malware, namely antivirus software, thereby adding another
layer of protection against cyber attacks;
• Having a patch management program to address known software vulnerabilities that could be
exploited by hackers;
• Setting appropriate security configurations, password policies and user access controls;
• Maintaining a monitoring and detection program to identify and alert to suspicious activity;
• Creating incident response plans to guide reaction to a breach; and
• Training and educating individual users about attack scenarios and how they as individuals
have a role to play in protecting the organization.

The massive so-called SolarWinds attack, detected in December 2020, breached U.S. federal
agencies, infrastructure and private corporations in what is believed to be among the worst
cyberespionage attacks inflicted on the U.S. On Dec. 13, 2020, it was revealed that Austin-based IT
management software company SolarWinds was hit by a supply chain attack that compromised
updates for its Orion software platform. As part of this attack, threat actors inserted their own
malware, now known as Sunburst or Solorigate, into the updates, which were distributed to many
SolarWinds customers. The first confirmed victim of this backdoor was cybersecurity firm FireEye,
which had disclosed on Dec. 8 that it had been breached by suspected nation-state hackers. It was
soon revealed that SolarWinds attacks affected other organizations, including tech giants Microsoft
and VMware and many U.S. government agencies. Investigations showed that the hackers -- believed
to be sponsored by the Russian government -- had been infiltrating targeted systems undetected since
March 2020. As of January 2021, investigators were still trying to determine the scope of the attack.

Here is a rundown of some of the most notorious breaches, dating back to 2009:

• a July 2020 attack on Twitter, in which hackers were able to access the Twitter accounts
of high-profile users;

• a breach at Marriott's Starwood hotels, announced in November 2018, with the personal
data of upward of 500 million guests compromised;

• the Feb. 2018 breach at Under Armour's MyFitnessPal (Under Armour has since sold
MyFitnessPal) that exposed email addresses and login information for 150 million user
accounts;

• the May 2017 WannaCry ransomware attack, which hit more than 300,000 computers
across various industries in 150 nations, causing billions of dollars of damage;

• the September 2017 Equifax breach, which saw the personal information of 145 million
individuals compromised;

• the Petya attacks in 2016 that were followed by the NotPetya attacks of 2017, which hit
targets around the world causing more than $10 billion in damage;

• another 2016 attack, this time at FriendFinder, which said more than 20 years' worth of
data belonging to 412 million users was compromised;

• a data breach at Yahoo in 2016 that exposed personal information contained within 500
million user accounts, which was then followed by news of another attack that
compromised 1 billion user accounts;

• a 2014 attack against entertainment company Sony, which compromised both personal data
and corporate intellectual property (IP), including yet-to-be-released films, with U.S.
officials blaming North Korea for the hack;

• eBay's May 2014 announcement that hackers used employee credentials to collect
personal information on its 145 million users;
• the 2013 breach suffered by Target Corp., in which the data belonging to 110 million
customers was stolen; and

• the Heartland Payment Systems data breach, announced in January 2009, in which
information on 134 million credit cards was exposed.

The number of cyber attacks grew significantly in 2020, following a years-long trend of escalating
cyber incidents and presaging a cybersecurity future beset with challenges.

The types of cyber attacks, as well as their sophistication, also grew during the first two decades of
the 21st century.

Consider, for example, the growing number and type of attack vectors -- that is, the method or
pathway that malicious code uses to infect systems -- over the years.

The first virus was invented in 1986, although it wasn't intended to corrupt data in the infected
systems. The first worm distributed through the internet, called the Morris worm, was created in
1988 by Cornell University graduate student Robert Tappan Morris.

Then came Trojan horse, ransomware and DDoS attacks, which became more destructive and
notorious with names like WannaCry, Petya and NotPetya -- all ransomware attack vectors.

The 2010s then saw the emergence of cryptomining malware -- also called cryptocurrency mining
malware or cryptojacking -- where hackers use malware to illegally take over a computer's
processing power to use it to solve complex mathematical problems in order to earn cryptocurrency,
a process called mining. Cryptomining malware dramatically slows down computers and disrupts
their normal operations.

Hackers also adopted more sophisticated technologies throughout the first decades of the 21st
century, using machine learning and artificial intelligence (AI), as well as bots and other robotic
tools, to increase the velocity and volume of their attacks.

And they developed more sophisticated phishing and spear-phishing campaigns, even as they
continued to go after unpatched vulnerabilities; compromised credentials, including passwords; and
misconfigurations to gain unauthorized access to computer systems.

Malware
Malware is the collective name for a number of malicious software variants, including viruses,
ransomware and spyware. Shorthand for malicious software, malware typically consists of code
developed by cyberattackers, designed to cause extensive damage to data and systems or to gain
unauthorized access to a network. Malware is typically delivered in the form of a link or file over
email and requires the user to click on the link or open the file to execute the malware.

Malware has actually been a threat to individuals and organizations since the early 1970s when the
Creeper virus first appeared. Since then, the world has been under attack from hundreds of
thousands of different malware variants, all with the intent of causing as much disruption and
damage as possible.

Malware delivers its payload in a number of different ways. From demanding a ransom to stealing
sensitive personal data, cybercriminals are becoming more and more sophisticated in their methods.
The following is a list of some of the more common malware types and definitions.

Types of Malware:
Virus
Possibly the most common type of malware, viruses attach their malicious code to clean code and
wait for an unsuspecting user or an automated process to execute them. Like a biological virus, they
can spread quickly and widely, causing damage to the core functionality of systems, corrupting files
and locking users out of their computers. They are usually contained within an executable file.

Worms
Worms get their name from the way they infect systems. Starting from one infected machine, they
weave their way through the network, connecting to consecutive machines in order to continue the
spread of infection. This type of malware can infect entire networks of devices very quickly.

Spyware
Spyware, as its name suggests, is designed to spy on what a user is doing. Hiding in the background
on a computer, this type of malware will collect information without the user knowing, such as credit
card details, passwords and other sensitive information.

Trojans
Just like Greek soldiers hid in a giant horse to deliver their attack, this type of malware hides within
or disguises itself as legitimate software. Acting discreetly, it will breach security by creating
backdoors that give other malware variants easy access.

Ransomware
Also known as scareware, ransomware comes with a heavy price. Able to lock down networks and
lock out users until a ransom is paid, ransomware has targeted some of the biggest organizations in
the world today — with expensive results.

Each type of malware has its own unique way of causing havoc, and most rely on user action of some
kind. Some strains are delivered over email via a link or executable file. Others are delivered via
instant messaging or social media. Even mobile phones are vulnerable to attack. It is essential that
organizations are aware of all vulnerabilities so they can lay down an effective line of defense.

Protection from Malware

Keep your software up to date


Software makers like Microsoft and Oracle routinely update their software to fix bugs that could
potentially be exploited by hackers. Oracle just released on Sunday an update to its Java software to
fix a security hole hackers could have used to infect computers with malware.

The software patch came after the Department of Homeland Security sent out an advisory late last
week about the security flaw recommending computer users disable the Java plug-in in their Web
browsers.

Don’t click on links within emails


A good rule of thumb is if you don’t recognize a sender of an email, don’t click on any links within
it. Microsoft says 44.8 percent of Windows virus infections happen because the computer user
clicked on something.

Use free antivirus software


You don’t have to pay for software to protect your computer or for an annual subscription to
maintain the latest virus protection. For Windows users, Microsoft Security Essentials is free.
Avast is another free anti-virus program.

Back up your computer


Do you regularly back up the information on your computer? If you don’t – and 29 percent of
computer users fall into that category – you have no protection from calamities ranging from hard
drive failure to your house burning down. If you value your data, back it up.

You have three basic backup options: an external hard drive, online backup service, or cloud storage.
Use a service like Google Drive, and your files will be continually backed up to the cloud. And the
price is right: free for up to 5 GB of data. For more, see Online Storage Wars: Which Virtual Storage
Is Best?

Use a strong password


A strong password is one that is complex, with a mix of letters, numbers, and symbols. While some
people use the same password for everything, try to avoid that practice.

Password security company SplashData.com says the three most common passwords are password,
123456, and 12345678. The company recommends avoiding using the same user name/password
combination for multiple online site logins.

When creating a password, use eight characters or more and, to make them easier to remember, try
using short phrases separated by spaces or underscore marks – such as “car_park_city?”

Best idea? Use a free service like LastPass to create and manage your passwords. You only have to
remember one password: the one that opens your LastPass vault. Once you’ve opened it, LastPass
will automatically log you in to every site you visit requiring a password. It’s really handy – check it
out.

Use a firewall
Just because you have antivirus software running doesn’t mean you have a firewall. Both PCs and
Macs come with built-in firewall software. Be sure to check that it’s enabled.

Minimize downloads
Make sure your Web browser’s security settings are high enough to detect unauthorized downloads.
For Internet Explorer, the medium security setting is the minimum level to use.

Use a pop-up blocker


Web browsers have the ability to stop pop-up windows and allow you to set the security for
accepting pop-ups. The federal OnGuardOnline site recommends never clicking on links within
pop-up screens.

Even the most vigilant of computer users still run the risk of picking up malware. You should suspect
a computer virus if your machine slows down, crashes, or repeats error messages.

Other clues include the computer failing to promptly shut down or restart, new toolbars you didn’t
install, a changing home page, or a laptop battery draining faster than it should.

Worksheet no. 4
Date of Submission: Oct. 14, 2023

Answer the Following:


1. What is a cyber-attack?
2. Why do cyber-attacks happen?
3. How do cyber-attacks work?
4. What are the most common types of cyber-attacks? Explain each briefly.
5. How can you prevent a cyber-attack?
6. Give some well-known cyber-attacks this year, 2022.
7. How does malware spread?
8. What can malware do?
9. How to protect against malware?
10. What are the different types of computer malware?